151 lines
5.9 KiB
PHP
151 lines
5.9 KiB
PHP
<?php
|
|
// ============================================================
|
|
// api/laporan.php — CRUD & Approval Laporan Masyarakat
|
|
// ============================================================
|
|
require_once __DIR__ . '/config.php';
|
|
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
$db = getDB();
|
|
|
|
// ── POST: Submit laporan publik baru (Tanpa Login) ──────────
|
|
if ($method === 'POST') {
|
|
$d = body();
|
|
|
|
if (empty($d['nama'])) jsonError('Nama warga yang dilaporkan wajib diisi.');
|
|
if (empty($d['kelurahan_id'])) jsonError('Kelurahan wajib dipilih.');
|
|
if (empty($d['keterangan'])) jsonError('Keterangan kondisi wajib diisi.');
|
|
|
|
// Generate No. Laporan: RPT-YYYY-XXXX (cth: RPT-2026-001)
|
|
$year = date('Y');
|
|
|
|
// Lock table / select max count for transaction safety
|
|
$stmtCount = $db->prepare("SELECT COUNT(*) FROM laporan WHERE YEAR(created_at) = ?");
|
|
$stmtCount->execute([$year]);
|
|
$count = $stmtCount->fetchColumn();
|
|
$nextNo = $count + 1;
|
|
$noLaporan = "RPT-" . $year . "-" . str_pad($nextNo, 3, '0', STR_PAD_LEFT);
|
|
|
|
// Pastikan no_laporan benar-benar unik
|
|
$stmtCheck = $db->prepare("SELECT COUNT(*) FROM laporan WHERE no_laporan = ?");
|
|
$stmtCheck->execute([$noLaporan]);
|
|
if ($stmtCheck->fetchColumn() > 0) {
|
|
$noLaporan = "RPT-" . $year . "-" . str_pad($nextNo + 1, 3, '0', STR_PAD_LEFT);
|
|
}
|
|
|
|
$stmt = $db->prepare(
|
|
"INSERT INTO laporan (no_laporan, nama_pelapor, hp_pelapor, nama_dilaporkan, nik,
|
|
kelurahan_id, kategori, jumlah_anggota, penghasilan, keterangan,
|
|
lat, lng, status, tgl_laporan)
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'menunggu', CURRENT_DATE())"
|
|
);
|
|
$stmt->execute([
|
|
$noLaporan,
|
|
$d['pelapor'] ?? null,
|
|
$d['hp'] ?? null,
|
|
$d['nama'],
|
|
$d['nik'] ?? null,
|
|
$d['kelurahan_id'],
|
|
$d['kategori'] ?? 'miskin',
|
|
$d['jumlah_anggota'] ?? 1,
|
|
$d['penghasilan'] ?? 0,
|
|
$d['keterangan'],
|
|
$d['lat'] ?? null,
|
|
$d['lng'] ?? null
|
|
]);
|
|
|
|
$lapId = $db->lastInsertId();
|
|
jsonOk(['id' => $lapId, 'no' => $noLaporan], 'Laporan berhasil dikirim');
|
|
}
|
|
|
|
// Laporan read/update butuh autentikasi
|
|
$user = requireAuth();
|
|
|
|
// ── GET: List semua laporan ──────────────────────────────────
|
|
if ($method === 'GET') {
|
|
$rows = $db->query(
|
|
"SELECT l.id, l.no_laporan AS no, l.nama_pelapor AS pelapor, l.hp_pelapor AS hp,
|
|
l.nama_dilaporkan AS nama, l.nik, l.kategori, l.jumlah_anggota AS jml,
|
|
l.penghasilan AS ph, l.keterangan AS ket, l.lat, l.lng, l.status,
|
|
l.tgl_laporan AS tgl, l.created_at, k.id AS kelurahan_id, k.nama AS kel, k.kecamatan
|
|
FROM laporan l
|
|
LEFT JOIN kelurahan k ON l.kelurahan_id = k.id
|
|
ORDER BY l.created_at DESC"
|
|
)->fetchAll();
|
|
|
|
jsonOk($rows);
|
|
}
|
|
|
|
// ── PUT: Approve atau Reject laporan ──────────────────────────
|
|
if ($method === 'PUT') {
|
|
requireEdit();
|
|
$id = getParam('id');
|
|
$action = getParam('action'); // 'approve' atau 'reject'
|
|
|
|
if (!$id) jsonError('ID laporan wajib disertakan.');
|
|
if (!in_array($action, ['approve', 'reject'])) jsonError('Aksi tidak valid.');
|
|
|
|
$db->beginTransaction();
|
|
try {
|
|
// Ambil data laporan
|
|
$stmtLap = $db->prepare("SELECT * FROM laporan WHERE id = ?");
|
|
$stmtLap->execute([$id]);
|
|
$lap = $stmtLap->fetch();
|
|
|
|
if (!$lap) jsonError('Laporan tidak ditemukan.');
|
|
if ($lap['status'] !== 'menunggu') jsonError('Laporan sudah diproses sebelumnya.');
|
|
|
|
if ($action === 'reject') {
|
|
$stmtUp = $db->prepare("UPDATE laporan SET status = 'ditolak', tgl_proses = CURRENT_TIMESTAMP() WHERE id = ?");
|
|
$stmtUp->execute([$id]);
|
|
$db->commit();
|
|
jsonOk(null, 'Laporan ditolak');
|
|
}
|
|
|
|
if ($action === 'approve') {
|
|
// 1. Tambahkan ke tabel warga
|
|
$stmtWarga = $db->prepare(
|
|
"INSERT INTO warga (nama, nik, kelurahan_id, lat, lng, kategori, jumlah_anggota,
|
|
penghasilan, tgl_lahir, pendidikan, keterangan, status, pelapor, no_laporan)
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?, NULL, '', ?, 'aktif', ?, ?)"
|
|
);
|
|
$stmtWarga->execute([
|
|
$lap['nama_dilaporkan'],
|
|
$lap['nik'],
|
|
$lap['kelurahan_id'],
|
|
$lap['lat'] ?? -0.0230,
|
|
$lap['lng'] ?? 109.3420,
|
|
$lap['kategori'],
|
|
$lap['jumlah_anggota'] ?? 1,
|
|
$lap['penghasilan'] ?? 0,
|
|
$lap['keterangan'] . ' (Laporan: ' . $lap['no_laporan'] . ')',
|
|
$lap['nama_pelapor'],
|
|
$lap['no_laporan']
|
|
]);
|
|
$wargaId = $db->lastInsertId();
|
|
|
|
// 2. Tambahkan KK sebagai anggota keluarga pertama
|
|
$stmtAnggota = $db->prepare(
|
|
"INSERT INTO anggota_keluarga (warga_id, nama, usia, hubungan)
|
|
VALUES (?, ?, 0, 'Kepala Keluarga')"
|
|
);
|
|
$stmtAnggota->execute([$wargaId, $lap['nama_dilaporkan']]);
|
|
|
|
// 3. Update status laporan menjadi disetujui & tautkan warga_id
|
|
$stmtUp = $db->prepare(
|
|
"UPDATE laporan
|
|
SET status = 'disetujui', warga_id = ?, approved_by = ?, tgl_proses = CURRENT_TIMESTAMP()
|
|
WHERE id = ?"
|
|
);
|
|
$stmtUp->execute([$wargaId, $user['id'], $id]);
|
|
|
|
$db->commit();
|
|
jsonOk(['warga_id' => $wargaId], 'Laporan disetujui dan warga berhasil ditambahkan');
|
|
}
|
|
} catch (Exception $e) {
|
|
$db->rollBack();
|
|
jsonError('Gagal memproses laporan: ' . $e->getMessage(), 500);
|
|
}
|
|
}
|
|
|
|
jsonError('Method tidak valid', 405);
|